cookbook 'le-certbot', '= 0.2.0'
le-certbot (9) Versions 0.2.0 Follow0
Manages certbot installation, Let's Encrypt certificates, and certbot renew scripts
cookbook 'le-certbot', '= 0.2.0', :supermarket
knife supermarket install le-certbot
knife supermarket download le-certbot
Certbot Cookbook
This cookbook is used to configure a system as a Chef Client.
Requirements
Platforms
- Ubuntu
Chef
- Chef 12.9+
Dependent Cookbooks
See USAGE.
Attributes
The following attributes affect the behavior of the chef-client program when running as a service through one of the service recipes, or in cron with the cron recipe, or are used in the recipes for various settings that require flexibility.
-
node['le-certbot']['rsa_key_size']
- Sets RSA key size for certificates requested withcertbot_certificate
. Default 4096. -
node['le-certbot']['webroot']
- Sets the webroot when requesting certificate withcertbot_certificate
. Default "/var/www". -
node['le-certbot']['renew_scripts_root']
- Sets the directory to install certbot renew scripts to. Default "/var/lib/letsencryptrenew". -
node['le-certbot']['renew_log']
- Sets the file to log certbot renew cron runs to. Default "/var/log/certbot.log". -
node['le-certbot']['certificates']
- Hash of locations certbot has installed certificates to on the node.
The following attributes are set on a per-platform basis, see the attributes/default.rb
file for default values.
-
node['le-certbot']['executable_path']
- Sets the default location of thecertbot
executable on the node. -
node['le-certbot']['live_path']
- Sets the default location certbot links live certificates to on the node.
Recipes
This section describes the recipes in the cookbook and how to use them in your environment.
default
Sets up certbot on the system with weekly certificate renewal check via cron.
Usage
Use the recipes as described above to configure your systems to run Chef as a service via cron / scheduled task or one of the service management systems supported by the recipes.
Resources
certbot
The certbot resource sets up certbot and installs a renew script cron by default.
Actions
:install
:remove
Properties
-
renew
- Whether to install the renew task and associated scripts. Default is 'true' -
frequency
- Frequency with which to run renew task (e.g., 'hourly', 'daily', etc.) Default is 'weekly' -
cookbook
- Cookbook to look for the mainrenew.sh.erb
template in that by default calls all scripts installed with thecertbot_renew_script
resource (see below). Default is 'le-certbot'
certbot_certificate
The certbot_certificate manages Let's Encrypt certificates via certbot.
Actions
:create
-
:delete
- deletes the certificate from the node -
:revoke
- revokes the certificate but does not delete it
Properties
-
domain
- Domain for the certificate. -
email
- Let's Encrypt account email. -
renew_policy
- Specifies whether when requesting certificate via certbot and a valid active certificate to keep it or force request a new one ('keep', 'force'). Default is 'keep' -
test
- Connect to Let's Encrypt staging servers instead of live. Default is 'false'
certbot_renew_script
The certbot_renew_script manages certificate renew hook scripts that run when any certificates have been updated.
Actions
:install
:delete
Properties
-
contents
- Contents of the script. The script is run via bash so most any commands are accepted. -
cookbook
- Cookbook to look for thescript.sh.erb
template that wraps the script if for example you want to use a different shebang. Default is 'le-certbot'
License
Copyright: (c) 2017 Kristjan Rang
MIT License
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
Dependent cookbooks
This cookbook has no specified dependencies.
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
le-certbot Cookbook CHANGELOG
This file is used to list changes made in each version of the le-certbot cookbook.
0.2.0 (2017-12-)
Breaking changes
Refactored all resources - some properties were changed. Removed the certbot_link resource.
Other Changes
- Added tests and set up Travis CI.
Collaborator Number Metric
0.2.0 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.2.0 passed this metric
License Metric
0.2.0 passed this metric
No Binaries Metric
0.2.0 passed this metric
Testing File Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.2.0 passed this metric
0.2.0 failed this metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.2.0 passed this metric
License Metric
0.2.0 passed this metric
No Binaries Metric
0.2.0 passed this metric
Testing File Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.2.0 passed this metric
0.2.0 passed this metric
0.2.0 passed this metric
No Binaries Metric
0.2.0 passed this metric
Testing File Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.2.0 passed this metric
0.2.0 passed this metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.2.0 passed this metric
0.2.0 passed this metric